Listing of the Claims: 



1 1. (Original) An apparatus comprising: 

2 at least one processor; 

3 a memory coupled to the at least one processor; 

4 a directory service server that accesses a directory that has a plurality of entries, 

5 the plurality of entries including at least one proxy entry that contains security 

6 information for a corresponding protected resource, the directory service server including 

7 authentication and authorization functions that determine whether a selected one of the 

8 plurality of entries maybe accessed; 

9 a plurality of protected resources that are not stored or contained within the 

10 directory; 

11 an application residing in the memory and executed by the at least one processor, 

12 the application including a logical mapping that correlates each protected resource with a 

13 corresponding proxy entry, the application determining whether the application is 

14 authorized to access a selected protected resource by invoking the authentication and 

1 5 authorization functions in the directory service server to determine whether the proxy 

16 entry corresponding to the selected resource may be accessed, and if so, the application 

17 accesses the selected protected resource. 

1 2. (Original) The apparatus of claim 1 wherein the directory service server is a 

2 Lightweight Directory Access Protocol (LDAP) server, and wherein the directory is an 

3 LDAP directory. 

1 3. (Original) The apparatus of claim 1 wherein the application does not access the 

2 selected protected resource if the proxy entry corresponding to the selected resource 

3 cannot be accessed. 



2 



1 4. (Original) A method for a directory service that contains a proxy entry corresponding 

2 to an external protected resource to provide authentication and authorization functions to 

3 a software application, the method comprising the steps of: 

4 (A) when the software application needs to access the external protected resource, 

5 performing the steps of: 

6 (Al) identifying a proxy entry that corresponds to the external protected 

7 resource; 

8 (A2) the software application requesting from the directory service access 

9 to the proxy entry that corresponds to the external protected resource; and 

10 (A3) if the directory service grants access to the proxy entry that 

1 1 corresponds to the external protected resource, the application accesses the 

1 2 external protected resource. 

1 5. (Original) The method of claim 4 further comprising the step of: 

2 (A4) if the directory service denies access to the proxy entry that 

3 corresponds to the external protected resource, the application does not access the 

4 protected resource. 
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1 6. (Original) A method for a directory service to provide authentication and authorization 

2 functions to a software application, the method comprising the steps of: 

3 (A) determining which of a plurality of resources require protection; 

4 (B) creating a proxy entry in the directory service for each protected resource; 

5 (C) generating a logical mapping that correlates each protected resource to its 

6 corresponding proxy entry; 

7 (D) when the software application needs to access a selected protected resource, 

8 performing the steps of: 

9 (Dl) using the logical mapping to identify a proxy entry that corresponds 

10 to the selected protected resource; 

1 1 (D2) the software application requesting from the directory service access 

12 to the identified proxy entry; and 

13 (D3) if the directory service grants access to the identified proxy entry, the 

14 application accesses the selected protected resource A 

1 7. (Original) The method of claim 6 further comprising the step of: 

2 (D4) if the directory service denies access to the proxy entry that 

3 corresponds to the selected protected resource, the application does not access the 

4 selected protected resource. 
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1 8. (Original) A program product comprising: 

2 (A) a software application that uses a logical mapping that correlates a plurality of 

3 protected resources that are not stored or contained within the directory with 

4 corresponding proxy entries in a directory service that is managed by a directory service 

5 server, the application determining whether the application is authorized to access a 

6 selected protected resource by invoking authentication and authorization functions in the 

7 directory service server to determine whether the proxy entry corresponding to the 

8 selected resource may be accessed, and if so, the application accesses the selected 

9 protected resource; and 

10 (B) computer-readable signal bearing media bearing the software application. 



1 9. (Original) The program product of claim 8 wherein the signal bearing media 

2 comprises recordable media. 



1 10. (Original) The program product of claim 8 wherein the signal bearing media 

2 comprises transmission media. 



1 11. (Original) The program product of claim 8 wherein the directory service server is a 

2 Lightweight Directory Access Protocol (LDAP) server, and wherein the directory is an 

3 LDAP directory. 

1 12. (Original) The program product of claim 8 wherein the application does not access 

2 the selected protected resource if the proxy entry corresponding to the selected resource 

3 cannot be accessed. 
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STATUS OF THE CLAIMS 

Claims 1-12 were originally filed in this patent application. No claims have been 
amended. Claims 1-12 are currently pending. 
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